package com.zw.demo01.config;

import com.zw.demo01.service.impl.LoginService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.provider.token.TokenEnhancer;
import org.springframework.security.oauth2.provider.token.TokenEnhancerChain;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;

import java.util.ArrayList;
import java.util.List;

/**
 * 授权服务器
 *
 */
@Configuration
@EnableAuthorizationServer
public class AuthorizationServiceConfig extends AuthorizationServerConfigurerAdapter {
    @Autowired
    PasswordEncoder passwordEncoder;
    @Autowired
    AuthenticationManager authenticationManager;
    @Autowired
    LoginService loginService;

    @Autowired
    TokenEnhancer jwtTokenEnhancer;


//    @Autowired
//    @Qualifier("redisTokenStore")
//    TokenStore redisTokenStore;


    @Autowired
    @Qualifier("jwtTokenStore")
    TokenStore jwtTokenStore;

    @Autowired
    JwtAccessTokenConverter jwtAccessTokenConverter;



    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
//                设置jwt增强内容
        TokenEnhancerChain tokenEnhancerChain=new TokenEnhancerChain();
        List<TokenEnhancer> delegates=new ArrayList<>();
        delegates.add(jwtTokenEnhancer);
        delegates.add(jwtAccessTokenConverter);
        tokenEnhancerChain.setTokenEnhancers(delegates);

//    密码模式配置
        endpoints.authenticationManager(authenticationManager).userDetailsService(loginService)
//                token存储在redis
//                .tokenStore(redisTokenStore)

//                将access_token转换为jwt
                .tokenStore(jwtTokenStore).accessTokenConverter(jwtAccessTokenConverter).tokenEnhancer(tokenEnhancerChain);
        ;
    }

//    授权码模式配置,包括其他模式的配置
    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients.inMemory()
//                客户端ID
                .withClient("client")
//                秘钥
                .secret(passwordEncoder.encode("112233"))
//                重定向地址
                .redirectUris("http://www.baidu.com")
//                作用域
                .scopes("all")

//                设置access_token失效时间
                .accessTokenValiditySeconds(2000)
//                设置refresh_token失效时间
                .refreshTokenValiditySeconds(10000)
                /*
                * 授权模式
                * authorization_code 授权码模式
                * password 密码模式
                * refresh_token 刷新令牌
                *
                * */
                .authorizedGrantTypes("authorization_code","password","refresh_token");

    }
}


